--- //depot/vendor/freebsd/src/sys/netinet/in_pcb.c 2004/03/25 07:16:43 +++ //depot/user/pjd/pcbcred/sys/netinet/in_pcb.c 2004/03/26 05:27:39 @@ -211,10 +211,10 @@ } int -in_pcbbind(inp, nam, td) +in_pcbbind(inp, nam, cred) register struct inpcb *inp; struct sockaddr *nam; - struct thread *td; + struct ucred *cred; { int anonport, error; @@ -226,7 +226,7 @@ anonport = inp->inp_lport == 0 && (nam == NULL || ((struct sockaddr_in *)nam)->sin_port == 0); error = in_pcbbind_setup(inp, nam, &inp->inp_laddr.s_addr, - &inp->inp_lport, td); + &inp->inp_lport, cred); if (error) return (error); if (in_pcbinshash(inp) != 0) { @@ -249,12 +249,12 @@ * On error, the values of *laddrp and *lportp are not changed. */ int -in_pcbbind_setup(inp, nam, laddrp, lportp, td) +in_pcbbind_setup(inp, nam, laddrp, lportp, cred) struct inpcb *inp; struct sockaddr *nam; in_addr_t *laddrp; u_short *lportp; - struct thread *td; + struct ucred *cred; { struct socket *so = inp->inp_socket; unsigned short *lastport; @@ -288,7 +288,7 @@ return (EAFNOSUPPORT); #endif if (sin->sin_addr.s_addr != INADDR_ANY) - if (prison_ip(td->td_ucred, 0, &sin->sin_addr.s_addr)) + if (prison_ip(cred, 0, &sin->sin_addr.s_addr)) return(EINVAL); if (sin->sin_port != *lportp) { /* Don't allow the port to change. */ @@ -319,9 +319,9 @@ /* GROSS */ if (ntohs(lport) <= ipport_reservedhigh && ntohs(lport) >= ipport_reservedlow && - td && suser_cred(td->td_ucred, PRISON_ROOT)) + suser_cred(cred, PRISON_ROOT)) return (EACCES); - if (td && jailed(td->td_ucred)) + if (jailed(cred)) prison = 1; if (so->so_cred->cr_uid != 0 && !IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) { @@ -357,8 +357,7 @@ return (EADDRINUSE); } } - if (prison && - prison_ip(td->td_ucred, 0, &sin->sin_addr.s_addr)) + if (prison && prison_ip(cred, 0, &sin->sin_addr.s_addr)) return (EADDRNOTAVAIL); t = in_pcblookup_local(pcbinfo, sin->sin_addr, lport, prison ? 0 : wild); @@ -387,7 +386,7 @@ int count; if (laddr.s_addr != INADDR_ANY) - if (prison_ip(td->td_ucred, 0, &laddr.s_addr)) + if (prison_ip(cred, 0, &laddr.s_addr)) return (EINVAL); if (inp->inp_flags & INP_HIGHPORT) { @@ -395,8 +394,7 @@ last = ipport_hilastauto; lastport = &pcbinfo->lasthi; } else if (inp->inp_flags & INP_LOWPORT) { - if (td && (error = suser_cred(td->td_ucred, - PRISON_ROOT)) != 0) + if ((error = suser_cred(cred, PRISON_ROOT)) != 0) return error; first = ipport_lowfirstauto; /* 1023 */ last = ipport_lowlastauto; /* 600 */ @@ -445,7 +443,7 @@ wild)); } } - if (prison_ip(td->td_ucred, 0, &laddr.s_addr)) + if (prison_ip(cred, 0, &laddr.s_addr)) return (EINVAL); *laddrp = laddr.s_addr; *lportp = lport; @@ -459,10 +457,10 @@ * then pick one. */ int -in_pcbconnect(inp, nam, td) +in_pcbconnect(inp, nam, cred) register struct inpcb *inp; struct sockaddr *nam; - struct thread *td; + struct ucred *cred; { u_short lport, fport; in_addr_t laddr, faddr; @@ -472,7 +470,7 @@ laddr = inp->inp_laddr.s_addr; anonport = (lport == 0); error = in_pcbconnect_setup(inp, nam, &laddr, &lport, &faddr, &fport, - NULL, td); + NULL, cred); if (error) return (error); @@ -518,7 +516,7 @@ * is set to NULL. */ int -in_pcbconnect_setup(inp, nam, laddrp, lportp, faddrp, fportp, oinpp, td) +in_pcbconnect_setup(inp, nam, laddrp, lportp, faddrp, fportp, oinpp, cred) register struct inpcb *inp; struct sockaddr *nam; in_addr_t *laddrp; @@ -526,12 +524,12 @@ in_addr_t *faddrp; u_short *fportp; struct inpcb **oinpp; - struct thread *td; + struct ucred *cred; { struct sockaddr_in *sin = (struct sockaddr_in *)nam; struct in_ifaddr *ia; struct sockaddr_in sa; - struct ucred *cred; + struct ucred *socred; struct inpcb *oinp; struct in_addr laddr, faddr; u_short lport, fport; @@ -549,14 +547,14 @@ lport = *lportp; faddr = sin->sin_addr; fport = sin->sin_port; - cred = inp->inp_socket->so_cred; - if (laddr.s_addr == INADDR_ANY && jailed(cred)) { + socred = inp->inp_socket->so_cred; + if (laddr.s_addr == INADDR_ANY && jailed(socred)) { bzero(&sa, sizeof(sa)); - sa.sin_addr.s_addr = htonl(prison_getip(cred)); + sa.sin_addr.s_addr = htonl(prison_getip(socred)); sa.sin_len = sizeof(sa); sa.sin_family = AF_INET; error = in_pcbbind_setup(inp, (struct sockaddr *)&sa, - &laddr.s_addr, &lport, td); + &laddr.s_addr, &lport, cred); if (error) return (error); } @@ -647,7 +645,8 @@ return (EADDRINUSE); } if (lport == 0) { - error = in_pcbbind_setup(inp, NULL, &laddr.s_addr, &lport, td); + error = in_pcbbind_setup(inp, NULL, &laddr.s_addr, &lport, + cred); if (error) return (error); } --- //depot/vendor/freebsd/src/sys/netinet/in_pcb.h 2004/03/25 07:16:43 +++ //depot/user/pjd/pcbcred/sys/netinet/in_pcb.h 2004/03/26 04:47:01 @@ -339,13 +339,13 @@ void in_pcbpurgeif0(struct inpcbinfo *, struct ifnet *); int in_pcballoc(struct socket *, struct inpcbinfo *, struct thread *, const char *); -int in_pcbbind(struct inpcb *, struct sockaddr *, struct thread *); +int in_pcbbind(struct inpcb *, struct sockaddr *, struct ucred *); int in_pcbbind_setup(struct inpcb *, struct sockaddr *, in_addr_t *, - u_short *, struct thread *); -int in_pcbconnect(struct inpcb *, struct sockaddr *, struct thread *); + u_short *, struct ucred *); +int in_pcbconnect(struct inpcb *, struct sockaddr *, struct ucred *); int in_pcbconnect_setup(struct inpcb *, struct sockaddr *, in_addr_t *, u_short *, in_addr_t *, u_short *, struct inpcb **, - struct thread *); + struct ucred *); void in_pcbdetach(struct inpcb *); void in_pcbdisconnect(struct inpcb *); int in_pcbinshash(struct inpcb *); --- //depot/vendor/freebsd/src/sys/netinet/ip_divert.c 2004/02/25 16:30:40 +++ //depot/user/pjd/pcbcred/sys/netinet/ip_divert.c 2004/03/26 04:47:01 @@ -505,7 +505,7 @@ else { ((struct sockaddr_in *)nam)->sin_addr.s_addr = INADDR_ANY; INP_LOCK(inp); - error = in_pcbbind(inp, nam, td); + error = in_pcbbind(inp, nam, td->td_ucred); INP_UNLOCK(inp); } INP_INFO_WUNLOCK(&divcbinfo); --- //depot/vendor/freebsd/src/sys/netinet/tcp_syncache.c 2004/02/14 13:50:39 +++ //depot/user/pjd/pcbcred/sys/netinet/tcp_syncache.c 2004/03/26 04:47:01 @@ -632,7 +632,8 @@ laddr6 = inp->in6p_laddr; if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) inp->in6p_laddr = sc->sc_inc.inc6_laddr; - if (in6_pcbconnect(inp, (struct sockaddr *)&sin6, &thread0)) { + if (in6_pcbconnect(inp, (struct sockaddr *)&sin6, + thread0.td_ucred)) { inp->in6p_laddr = laddr6; goto abort; } @@ -656,7 +657,8 @@ laddr = inp->inp_laddr; if (inp->inp_laddr.s_addr == INADDR_ANY) inp->inp_laddr = sc->sc_inc.inc_laddr; - if (in_pcbconnect(inp, (struct sockaddr *)&sin, &thread0)) { + if (in_pcbconnect(inp, (struct sockaddr *)&sin, + thread0.td_ucred)) { inp->inp_laddr = laddr; goto abort; } --- //depot/vendor/freebsd/src/sys/netinet/tcp_usrreq.c 2004/02/16 14:25:21 +++ //depot/user/pjd/pcbcred/sys/netinet/tcp_usrreq.c 2004/03/26 04:47:01 @@ -252,7 +252,7 @@ error = EAFNOSUPPORT; goto out; } - error = in_pcbbind(inp, nam, td); + error = in_pcbbind(inp, nam, td->td_ucred); if (error) goto out; COMMON_END(PRU_BIND); @@ -294,11 +294,12 @@ in6_sin6_2_sin(&sin, sin6p); inp->inp_vflag |= INP_IPV4; inp->inp_vflag &= ~INP_IPV6; - error = in_pcbbind(inp, (struct sockaddr *)&sin, td); + error = in_pcbbind(inp, (struct sockaddr *)&sin, + td->td_ucred); goto out; } } - error = in6_pcbbind(inp, nam, td); + error = in6_pcbbind(inp, nam, td->td_ucred); if (error) goto out; COMMON_END(PRU_BIND); @@ -319,7 +320,7 @@ COMMON_START(); if (inp->inp_lport == 0) - error = in_pcbbind(inp, (struct sockaddr *)0, td); + error = in_pcbbind(inp, (struct sockaddr *)0, td->td_ucred); if (error == 0) tp->t_state = TCPS_LISTEN; COMMON_END(PRU_LISTEN); @@ -340,7 +341,7 @@ inp->inp_vflag &= ~INP_IPV4; if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0) inp->inp_vflag |= INP_IPV4; - error = in6_pcbbind(inp, (struct sockaddr *)0, td); + error = in6_pcbbind(inp, (struct sockaddr *)0, td->td_ucred); } if (error == 0) tp->t_state = TCPS_LISTEN; @@ -865,7 +866,7 @@ bzero(&tao, sizeof(tao)); if (inp->inp_lport == 0) { - error = in_pcbbind(inp, (struct sockaddr *)0, td); + error = in_pcbbind(inp, (struct sockaddr *)0, td->td_ucred); if (error) return error; } @@ -878,7 +879,7 @@ laddr = inp->inp_laddr; lport = inp->inp_lport; error = in_pcbconnect_setup(inp, nam, &laddr.s_addr, &lport, - &inp->inp_faddr.s_addr, &inp->inp_fport, &oinp, td); + &inp->inp_faddr.s_addr, &inp->inp_fport, &oinp, td->td_ucred); if (error && oinp == NULL) return error; if (oinp) { @@ -949,7 +950,7 @@ bzero(&tao, sizeof(tao)); if (inp->inp_lport == 0) { - error = in6_pcbbind(inp, (struct sockaddr *)0, td); + error = in6_pcbbind(inp, (struct sockaddr *)0, td->td_ucred); if (error) return error; } --- //depot/vendor/freebsd/src/sys/netinet/udp_usrreq.c 2004/02/25 16:30:40 +++ //depot/user/pjd/pcbcred/sys/netinet/udp_usrreq.c 2004/03/26 05:27:39 @@ -795,7 +795,7 @@ goto release; } error = in_pcbbind_setup(inp, (struct sockaddr *)&src, - &laddr.s_addr, &lport, td); + &laddr.s_addr, &lport, td->td_ucred); if (error) goto release; } @@ -809,7 +809,7 @@ goto release; } error = in_pcbconnect_setup(inp, addr, &laddr.s_addr, &lport, - &faddr.s_addr, &fport, NULL, td); + &faddr.s_addr, &fport, NULL, td->td_ucred); if (error) goto release; @@ -970,7 +970,7 @@ } INP_LOCK(inp); s = splnet(); - error = in_pcbbind(inp, nam, td); + error = in_pcbbind(inp, nam, td->td_ucred); splx(s); INP_UNLOCK(inp); INP_INFO_WUNLOCK(&udbinfo); @@ -1000,7 +1000,7 @@ sin = (struct sockaddr_in *)nam; if (td && jailed(td->td_ucred)) prison_remote_ip(td->td_ucred, 0, &sin->sin_addr.s_addr); - error = in_pcbconnect(inp, nam, td); + error = in_pcbconnect(inp, nam, td->td_ucred); splx(s); if (error == 0) soisconnected(so); --- //depot/vendor/freebsd/src/sys/netinet6/in6_pcb.c 2004/02/13 06:50:50 +++ //depot/user/pjd/pcbcred/sys/netinet6/in6_pcb.c 2004/03/26 04:47:01 @@ -123,10 +123,10 @@ struct in6_addr zeroin6_addr; int -in6_pcbbind(inp, nam, td) +in6_pcbbind(inp, nam, cred) register struct inpcb *inp; struct sockaddr *nam; - struct thread *td; + struct ucred *cred; { struct socket *so = inp->inp_socket; struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)NULL; @@ -190,8 +190,8 @@ struct inpcb *t; /* GROSS */ - if (ntohs(lport) < IPV6PORT_RESERVED && td && - suser_cred(td->td_ucred, PRISON_ROOT)) + if (ntohs(lport) < IPV6PORT_RESERVED && + suser_cred(cred, PRISON_ROOT)) return (EACCES); if (so->so_cred->cr_uid != 0 && !IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { @@ -274,7 +274,7 @@ } if (lport == 0) { int e; - if ((e = in6_pcbsetport(&inp->in6p_laddr, inp, td)) != 0) + if ((e = in6_pcbsetport(&inp->in6p_laddr, inp, cred)) != 0) return (e); } else { @@ -360,10 +360,10 @@ * then pick one. */ int -in6_pcbconnect(inp, nam, td) +in6_pcbconnect(inp, nam, cred) register struct inpcb *inp; struct sockaddr *nam; - struct thread *td; + struct ucred *cred; { struct in6_addr *addr6; register struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam; @@ -385,7 +385,7 @@ } if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { if (inp->inp_lport == 0) { - error = in6_pcbbind(inp, (struct sockaddr *)0, td); + error = in6_pcbbind(inp, (struct sockaddr *)0, cred); if (error) return (error); } --- //depot/vendor/freebsd/src/sys/netinet6/in6_pcb.h 2004/02/13 06:50:50 +++ //depot/user/pjd/pcbcred/sys/netinet6/in6_pcb.h 2004/03/26 04:47:01 @@ -76,9 +76,8 @@ void in6_pcbpurgeif0 __P((struct in6pcb *, struct ifnet *)); void in6_losing __P((struct inpcb *)); -int in6_pcballoc __P((struct socket *, struct inpcbinfo *, struct thread *)); -int in6_pcbbind __P((struct inpcb *, struct sockaddr *, struct thread *)); -int in6_pcbconnect __P((struct inpcb *, struct sockaddr *, struct thread *)); +int in6_pcbbind __P((struct inpcb *, struct sockaddr *, struct ucred *)); +int in6_pcbconnect __P((struct inpcb *, struct sockaddr *, struct ucred *)); void in6_pcbdetach __P((struct inpcb *)); void in6_pcbdisconnect __P((struct inpcb *)); int in6_pcbladdr __P((struct inpcb *, struct sockaddr *, @@ -104,7 +103,7 @@ int in6_mapped_sockaddr __P((struct socket *so, struct sockaddr **nam)); int in6_mapped_peeraddr __P((struct socket *so, struct sockaddr **nam)); int in6_selecthlim __P((struct in6pcb *, struct ifnet *)); -int in6_pcbsetport __P((struct in6_addr *, struct inpcb *, struct thread *)); +int in6_pcbsetport __P((struct in6_addr *, struct inpcb *, struct ucred *)); void init_sin6 __P((struct sockaddr_in6 *sin6, struct mbuf *m)); #endif /* _KERNEL */ --- //depot/vendor/freebsd/src/sys/netinet6/in6_src.c 2004/02/04 04:56:16 +++ //depot/user/pjd/pcbcred/sys/netinet6/in6_src.c 2004/03/26 04:47:01 @@ -742,10 +742,10 @@ * share this function by all *bsd*... */ int -in6_pcbsetport(laddr, inp, td) +in6_pcbsetport(laddr, inp, cred) struct in6_addr *laddr; struct inpcb *inp; - struct thread *td; + struct ucred *cred; { struct socket *so = inp->inp_socket; u_int16_t lport = 0, first, last, *lastport; @@ -763,7 +763,7 @@ last = ipport_hilastauto; lastport = &pcbinfo->lasthi; } else if (inp->inp_flags & INP_LOWPORT) { - if (td && (error = suser(td))) + if ((error = suser_cred(cred, 0))) return error; first = ipport_lowfirstauto; /* 1023 */ last = ipport_lowlastauto; /* 600 */ --- //depot/vendor/freebsd/src/sys/netinet6/udp6_output.c 2004/02/03 10:25:31 +++ //depot/user/pjd/pcbcred/sys/netinet6/udp6_output.c 2004/03/26 05:27:39 @@ -70,6 +70,7 @@ #include "opt_inet6.h" #include +#include #include #include #include @@ -213,7 +214,7 @@ goto release; } if (in6p->in6p_lport == 0 && - (error = in6_pcbsetport(laddr, in6p, td)) != 0) + (error = in6_pcbsetport(laddr, in6p, td->td_ucred)) != 0) goto release; } else { if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) { --- //depot/vendor/freebsd/src/sys/netinet6/udp6_usrreq.c 2004/02/17 06:05:37 +++ //depot/user/pjd/pcbcred/sys/netinet6/udp6_usrreq.c 2004/03/26 04:47:01 @@ -572,14 +572,15 @@ inp->inp_vflag |= INP_IPV4; inp->inp_vflag &= ~INP_IPV6; s = splnet(); - error = in_pcbbind(inp, (struct sockaddr *)&sin, td); + error = in_pcbbind(inp, (struct sockaddr *)&sin, + td->td_ucred); splx(s); return error; } } s = splnet(); - error = in6_pcbbind(inp, nam, td); + error = in6_pcbbind(inp, nam, td->td_ucred); splx(s); return error; } @@ -605,7 +606,8 @@ return EISCONN; in6_sin6_2_sin(&sin, sin6_p); s = splnet(); - error = in_pcbconnect(inp, (struct sockaddr *)&sin, td); + error = in_pcbconnect(inp, (struct sockaddr *)&sin, + td->td_ucred); splx(s); if (error == 0) { inp->inp_vflag |= INP_IPV4; @@ -618,7 +620,7 @@ if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr)) return EISCONN; s = splnet(); - error = in6_pcbconnect(inp, nam, td); + error = in6_pcbconnect(inp, nam, td->td_ucred); splx(s); if (error == 0) { if (!ip6_v6only) { /* should be non mapped addr */